Search criteria
5 vulnerabilities by Ingeteam
CVE-2026-8072 (GCVE-0-2026-8072)
Vulnerability from cvelistv5 – Published: 2026-05-12 09:57 – Updated: 2026-05-12 12:19
VLAI?
Title
Insecure generation of SAT access credentials in Ingecon EMS Board
Summary
Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an attacker to carry out a privilege escalation.
Severity ?
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Assigner
References
2 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ingeteam | Ingecon Sun EMS Board |
Affected:
0 , ≤ AAX1055CT
(custom)
Affected: 0 , ≤ ABU1001_P (custom) Affected: 0 , ≤ ACL1201_B (custom) Affected: 0 , ≤ ACL1200AL (custom) Affected: 0 , ≤ ABH1027_K (custom) Affected: 0 , ≤ ABH1007_Z (custom) Affected: 0 , ≤ ABS1009_L (custom) Affected: 0 , ≤ ABS1005_T (custom) Affected: 0 , ≤ ACB1005_A (custom) Affected: 0 , ≤ AAX1031CN (custom) Unaffected: AAX1055CU Unaffected: ABU1001_Q Unaffected: ACL1201_C Unaffected: ACL1200AM Unaffected: ABH1027_L Unaffected: ABH1007AA Unaffected: ABS1009_P Unaffected: ABS1005_U Unaffected: ACB1005_C Unaffected: AAX1031CO |
Date Public ?
2026-05-12 09:47
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-8072",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-12T12:14:40.942716Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T12:19:29.775Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Ingecon Sun EMS Board",
"vendor": "Ingeteam",
"versions": [
{
"lessThanOrEqual": "AAX1055CT",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "ABU1001_P",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "ACL1201_B",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "ACL1200AL",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "ABH1027_K",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "ABH1007_Z",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "ABS1009_L",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "ABS1005_T",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "ACB1005_A",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThanOrEqual": "AAX1031CN",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "AAX1055CU"
},
{
"status": "unaffected",
"version": "ABU1001_Q"
},
{
"status": "unaffected",
"version": "ACL1201_C"
},
{
"status": "unaffected",
"version": "ACL1200AM"
},
{
"status": "unaffected",
"version": "ABH1027_L"
},
{
"status": "unaffected",
"version": "ABH1007AA"
},
{
"status": "unaffected",
"version": "ABS1009_P"
},
{
"status": "unaffected",
"version": "ABS1005_U"
},
{
"status": "unaffected",
"version": "ACB1005_C"
},
{
"status": "unaffected",
"version": "AAX1031CO"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*",
"versionEndIncluding": "aax1055ct",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*",
"versionEndIncluding": "abu1001_p",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*",
"versionEndIncluding": "acl1201_b",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*",
"versionEndIncluding": "acl1200al",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*",
"versionEndIncluding": "abh1027_k",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*",
"versionEndIncluding": "abh1007_z",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*",
"versionEndIncluding": "abs1009_l",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*",
"versionEndIncluding": "abs1005_t",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*",
"versionEndIncluding": "acb1005_a",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:*:*:*:*:*:*:*:*",
"versionEndIncluding": "aax1031cn",
"versionStartIncluding": "0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:aax1055cu:*:*:*:*:*:*:*",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:abu1001_q:*:*:*:*:*:*:*",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:acl1201_c:*:*:*:*:*:*:*",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:acl1200am:*:*:*:*:*:*:*",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:abh1027_l:*:*:*:*:*:*:*",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:abh1007aa:*:*:*:*:*:*:*",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:abs1009_p:*:*:*:*:*:*:*",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:abs1005_u:*:*:*:*:*:*:*",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:acb1005_c:*:*:*:*:*:*:*",
"vulnerable": false
},
{
"criteria": "cpe:2.3:a:ingeteam:ingecon_sun_ems_board:aax1031co:*:*:*:*:*:*:*",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "OR"
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rub\u00e9n Santamarta"
}
],
"datePublic": "2026-05-12T09:47:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an attacker to carry out a privilege escalation."
}
],
"value": "Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an attacker to carry out a privilege escalation."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.2,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-12T09:57:02.625Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/insecure-generation-sat-access-credentials-ingecon-ems-board"
},
{
"url": "https://www.reversemode.com/2026/05/a-practical-analysis-of-cyber-physical.html"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The risk has been mitigated with the release of a patch applicable to all versions, developed in December 2025. It is recommended that users update to the newer versions."
}
],
"value": "The risk has been mitigated with the release of a patch applicable to all versions, developed in December 2025. It is recommended that users update to the newer versions."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insecure generation of SAT access credentials in Ingecon EMS Board",
"x_generator": {
"engine": "Vulnogram 1.0.2"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2026-8072",
"datePublished": "2026-05-12T09:57:02.625Z",
"dateReserved": "2026-05-07T09:46:15.152Z",
"dateUpdated": "2026-05-12T12:19:29.775Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-3770 (GCVE-0-2023-3770)
Vulnerability from cvelistv5 – Published: 2023-10-02 13:11 – Updated: 2024-09-20 14:54
VLAI?
Title
Vulnerability in Ingeteam's INGEPAC DA
Summary
Incorrect validation vulnerability of the data entered, allowing an attacker with access to the network on which the affected device is located to use the discovery port protocol (1925/UDP) to obtain device-specific information without the need for authentication.
Severity ?
5.3 (Medium)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ingeteam | INGEPAC DA3451 |
Affected:
0.29.2.42
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:50.119Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:ingeteam:ingepac_da3451:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "ingepac_da3451",
"vendor": "ingeteam",
"versions": [
{
"status": "affected",
"version": "0.29.2.42"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3770",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-20T14:53:25.584119Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T14:54:20.421Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "INGEPAC DA3451",
"vendor": "Ingeteam",
"versions": [
{
"status": "affected",
"version": "0.29.2.42"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez and Gabriel V\u00eda Echezarreta"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;Incorrect validation vulnerability of the data entered, allowing an attacker with access to the network on which the affected device is located to use the discovery port protocol (1925/UDP) to obtain device-specific information without the need for authentication.\u003c/span\u003e\n\n"
}
],
"value": "\n\u00a0Incorrect validation vulnerability of the data entered, allowing an attacker with access to the network on which the affected device is located to use the discovery port protocol (1925/UDP) to obtain device-specific information without the need for authentication.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-10",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-10 Buffer Overflow via Environment Variables"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-23T10:15:55.286Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The information published in this port is public and non-confidential. Its purpose is to make devices discoverable through software tools such as Ingeteam PAC Factory. If there is a cybersecurity concern about the data displayed, the port can be disabled on each device through its internal firewall service.\u003cbr\u003e"
}
],
"value": "The information published in this port is public and non-confidential. Its purpose is to make devices discoverable through software tools such as Ingeteam PAC Factory. If there is a cybersecurity concern about the data displayed, the port can be disabled on each device through its internal firewall service.\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Vulnerability in Ingeteam\u0027s INGEPAC DA",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2023-3770",
"datePublished": "2023-10-02T13:11:05.513Z",
"dateReserved": "2023-07-19T11:41:50.175Z",
"dateUpdated": "2024-09-20T14:54:20.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3769 (GCVE-0-2023-3769)
Vulnerability from cvelistv5 – Published: 2023-10-02 13:01 – Updated: 2024-09-20 14:56
VLAI?
Title
Vulnerability in Ingeteam's INGEPAC EF
Summary
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services.
Severity ?
8.6 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ingeteam | INGEPAC FC5066 |
Affected:
9.0.22.6+6.1.1.22+5.3.1.1
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:49.937Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:h:ingeteam:ingepac_fc5066:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "ingepac_fc5066",
"vendor": "ingeteam",
"versions": [
{
"status": "affected",
"version": "9.0.22.6+6.1.1.22+5.3.1.1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3769",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-20T14:54:52.752058Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T14:56:18.313Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "INGEPAC FC5066",
"vendor": "Ingeteam",
"versions": [
{
"status": "affected",
"version": "9.0.22.6+6.1.1.22+5.3.1.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez and Gabriel V\u00eda Echezarreta."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services."
}
],
"value": "Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services."
}
],
"impacts": [
{
"capecId": "CAPEC-10",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-10 Buffer Overflow via Environment Variables"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-23T10:15:07.508Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "9.8.30.0 version and later.\u003cbr\u003e"
}
],
"value": "9.8.30.0 version and later.\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Vulnerability in Ingeteam\u0027s INGEPAC EF ",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2023-3769",
"datePublished": "2023-10-02T13:01:03.985Z",
"dateReserved": "2023-07-19T11:41:49.204Z",
"dateUpdated": "2024-09-20T14:56:18.313Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-3768 (GCVE-0-2023-3768)
Vulnerability from cvelistv5 – Published: 2023-10-02 10:55 – Updated: 2024-09-20 16:49
VLAI?
Title
Vulnerability in Ingeteam's INGEPAC EF/DA
Summary
Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services.
Severity ?
8.6 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ingeteam | INGEPAC DA3451 |
Affected:
0.29.2.42
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:08:49.809Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3768",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-20T16:48:36.887942Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-20T16:49:01.471Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "INGEPAC DA3451",
"vendor": "Ingeteam",
"versions": [
{
"status": "affected",
"version": "0.29.2.42"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Aar\u00f3n Flecha Men\u00e9ndez and Gabriel V\u00eda Echezarreta"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services."
}
],
"value": "Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services."
}
],
"impacts": [
{
"capecId": "CAPEC-10",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-10 Buffer Overflow via Environment Variables"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20: Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-23T10:14:24.319Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/multiple-vulnerabilities-ingeteam-products"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e1.0.4.0 version (released on 30-09-2021) and later.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "\n\n\n1.0.4.0 version (released on 30-09-2021) and later.\n"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Vulnerability in Ingeteam\u0027s INGEPAC EF/DA",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2023-3768",
"datePublished": "2023-10-02T10:55:39.288Z",
"dateReserved": "2023-07-19T11:41:48.222Z",
"dateUpdated": "2024-09-20T16:49:01.471Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-20007 (GCVE-0-2017-20007)
Vulnerability from cvelistv5 – Published: 2021-10-25 13:33 – Updated: 2024-09-17 00:51
VLAI?
Title
Information Exposure in INGEPAC DA AU
Summary
Ingeteam INGEPAC DA AU AUC_1.13.0.28 (and before) web application allows access to a certain path that contains sensitive information that could be used by an attacker to execute more sophisticated attacks. An unauthenticated remote attacker with access to the device´s web service could exploit this vulnerability in order to obtain different configuration files.
Severity ?
5.3 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://www.incibe-cert.es/en/early-warning/ics-a… | x_refsource_CONFIRM |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Ingeteam | INGEPAC DA AU |
Affected:
AUC_1.13.0.28 , ≤ AUC_1.13.0.28
(custom)
|
Date Public ?
2021-10-20 00:00
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T21:45:24.444Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.incibe-cert.es/en/early-warning/ics-advisories/information-exposure-ingepac-da-au"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "INGEPAC DA AU",
"vendor": "Ingeteam",
"versions": [
{
"lessThanOrEqual": "AUC_1.13.0.28",
"status": "affected",
"version": "AUC_1.13.0.28",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Industrial Cybersecurity team of S21sec, special mention to Jacinto Moral Matell\u00e1n."
}
],
"datePublic": "2021-10-20T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Ingeteam INGEPAC DA AU AUC_1.13.0.28 (and before) web application allows access to a certain path that contains sensitive information that could be used by an attacker to execute more sophisticated attacks. An unauthenticated remote attacker with access to the device\u00b4s web service could exploit this vulnerability in order to obtain different configuration files."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-25T13:33:40.000Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.incibe-cert.es/en/early-warning/ics-advisories/information-exposure-ingepac-da-au"
}
],
"solutions": [
{
"lang": "en",
"value": "All the firmware versions from AUC_1.14.0.29 fix this issue."
}
],
"source": {
"advisory": "INCIBE-2021-0429",
"discovery": "EXTERNAL"
},
"title": "Information Exposure in INGEPAC DA AU",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve-coordination@incibe.es",
"DATE_PUBLIC": "2021-10-20T09:00:00.000Z",
"ID": "CVE-2017-20007",
"STATE": "PUBLIC",
"TITLE": "Information Exposure in INGEPAC DA AU"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "INGEPAC DA AU",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "AUC_1.13.0.28",
"version_value": "AUC_1.13.0.28"
}
]
}
}
]
},
"vendor_name": "Ingeteam"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Industrial Cybersecurity team of S21sec, special mention to Jacinto Moral Matell\u00e1n."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Ingeteam INGEPAC DA AU AUC_1.13.0.28 (and before) web application allows access to a certain path that contains sensitive information that could be used by an attacker to execute more sophisticated attacks. An unauthenticated remote attacker with access to the device\u00b4s web service could exploit this vulnerability in order to obtain different configuration files."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.incibe-cert.es/en/early-warning/ics-advisories/information-exposure-ingepac-da-au",
"refsource": "CONFIRM",
"url": "https://www.incibe-cert.es/en/early-warning/ics-advisories/information-exposure-ingepac-da-au"
}
]
},
"solution": [
{
"lang": "en",
"value": "All the firmware versions from AUC_1.14.0.29 fix this issue."
}
],
"source": {
"advisory": "INCIBE-2021-0429",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2017-20007",
"datePublished": "2021-10-25T13:33:40.894Z",
"dateReserved": "2021-09-29T00:00:00.000Z",
"dateUpdated": "2024-09-17T00:51:13.127Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}